urlscan.io logo urlscan.io
SecurityTrails logo

www.hartmannspa.de Open in urlscan Pro
202.61.195.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hartmannspa.de/
Effective URL: https://www.hartmannspa.de/
Submission: On February 14 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 46 HTTP transactions. The main IP is 202.61.195.196, located in Nuremberg, Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is www.hartmannspa.de.
TLS certificate: Issued by R3 on January 15th 2024. Valid for: 3 months.
This is the only time www.hartmannspa.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 202.61.195.196 197540 (NETCUP-AS...)
1 2600:9000:26f... 16509 (AMAZON-02)
4 159.69.101.75 24940 (HETZNER-AS)
10 151.101.1.21 54113 (FASTLY)
2 192.229.210.155 15133 (EDGECAST)
46 6
29    202.61.195.196 (Nuremberg, Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: mail.regen-chemnitz.de
hartmannspa.de
www.hartmannspa.de
1    2600:9000:26fa:5400:1e:5ae:1e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
x.klarnacdn.net
4    159.69.101.75 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: php-56-1.bilobahost.de
cdn.biloba-it.de
10    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
2    192.229.210.155 (United States)

ASN15133 (EDGECAST, US)
t.paypal.com
www.paypalobjects.com
Apex Domain
Subdomains		 Transfer
29 hartmannspa.de
hartmannspa.de
www.hartmannspa.de
3 MB
11 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2925
t.paypal.com — Cisco Umbrella Rank: 3365
375 KB
4 biloba-it.de
cdn.biloba-it.de
10 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2536
30 KB
1 klarnacdn.net
x.klarnacdn.net — Cisco Umbrella Rank: 8379
3 KB
46 5
Domain Requested by
28 www.hartmannspa.de www.hartmannspa.de
10 www.paypal.com www.hartmannspa.de
www.paypal.com
4 cdn.biloba-it.de www.hartmannspa.de
1 www.paypalobjects.com www.paypal.com
1 t.paypal.com www.hartmannspa.de
1 x.klarnacdn.net www.hartmannspa.de
1 hartmannspa.de 1 redirects
46 7

This site contains no links.

Subject Issuer Validity Valid
www.hartmannspa.de
R3		 2024-01-15 -
2024-04-14		 3 months crt.sh
x.klarnacdn.net
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-26		 a year crt.sh
cdn.biloba-it.de
R3		 2024-02-03 -
2024-05-03		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-24 -
2024-08-21		 7 months crt.sh

This page contains 3 frames:

Primary Page: https://www.hartmannspa.de/
Frame ID: 2C9111A8A10B839A32875598B19C4E58
Requests: 37 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_juirfoioejrjnoaiskmmkldkgkqxxe&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&version=1.55.0&integrationType=SDK
Frame ID: ED96A925D7AE7A6FF324D4FEF1BE2DB3
Requests: 4 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&channel=UPSTREAM&style=%7B%22layout%22%3A%22text%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%228x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&version=1.55.0&integrationType=SDK&deviceID=uid_a98f4ac71b_mtg6mtg6mde&sessionID=uid_93b6dacd6f_mtg6mtg6mde&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&message_request_id=uid_982dc4216f_mtg6mtg6mde&disableSetCookie=true
Frame ID: 134CCECFE0E22E780ED0B9C2A2AC2930
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HartmannSpa | The World of Wellness | Whirlpools & Saunen

Page URL History Show full URLs

  1. https://hartmannspa.de/ HTTP 301
    https://www.hartmannspa.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
  • <a[^>]*href=[^>]*/Checkout
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

46
Requests

98 %
HTTPS

20 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

3964 kB
Transfer

5113 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hartmannspa.de/ HTTP 301
    https://www.hartmannspa.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hartmannspa.de/
Redirect Chain
  • https://hartmannspa.de/
  • https://www.hartmannspa.de/
179 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d5c85a10f27ad850104976df5bbfd409f8c36f7d643f8eb4835aa488d3669367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
2727
Cache-Control
must-revalidate, public, s-maxage=7200
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Feb 2024 17:32:30 GMT
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0 (Ubuntu)
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
deny
sw-invalidation-states

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Wed, 14 Feb 2024 18:17:56 GMT
Location
https://www.hartmannspa.de/
Server
nginx/1.18.0 (Ubuntu)
all.css
www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/ 		454 KB
454 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2c4df7775d2d03978341fd9b0710a58f8f49eafef56559c03f2ef89804e8b697

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:57 GMT
Last-Modified
Mon, 14 Mar 2022 11:06:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"622f21c6-71780"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
464768
logo.png
www.hartmannspa.de/media/54/2a/0e/1637836545/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/media/54/2a/0e/1637836545/logo.png
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f10448fd4040ffbbe7ffc433c7c7df119fda03985167ae1eaf6bb8502adf2cc0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:57 GMT
Last-Modified
Thu, 25 Nov 2021 10:35:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"619f6701-3a1c"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
14876
kategorieWhirlpoolAufblasbar_1920x1920.jpg
www.hartmannspa.de/thumbnail/01/06/42/1640333535/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/01/06/42/1640333535/kategorieWhirlpoolAufblasbar_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ef2f89c664962bd1b9a187ec58671315ff0cc71af3d6f55930f5b6ace92766e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:58 GMT
Last-Modified
Fri, 24 Dec 2021 08:12:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61c580df-e4eb"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
58603
whirlpoolndoor_1920x1920.webp
www.hartmannspa.de/thumbnail/0d/74/e3/1675931873/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/0d/74/e3/1675931873/whirlpoolndoor_1920x1920.webp
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f15645fa359f1a0decb522902b05eba35b3c899a8f3f65f07c0b5b79ff5a26e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:58 GMT
Last-Modified
Thu, 09 Feb 2023 08:37:53 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63e4b0e1-affe"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
45054
id-01-pearl-shadow-15027ab9_1920x1920.jpg
www.hartmannspa.de/thumbnail/68/fb/e9/1644491764/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/68/fb/e9/1644491764/id-01-pearl-shadow-15027ab9_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d51b3ddb1143db078f35bddb593dd3d9d6055e33080420423bd1984b9764d56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:58 GMT
Last-Modified
Thu, 10 Feb 2022 11:16:05 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"6204f3f5-43512"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
275730
kategorieSauna_1920x1920.jpg
www.hartmannspa.de/thumbnail/d4/11/94/1640333535/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/d4/11/94/1640333535/kategorieSauna_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
638814dfb779a99e7ead6654954b07bced50aa42c05bcf4bcfe29985d36b1064

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Fri, 24 Dec 2021 08:12:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61c580df-dbda"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
56282
infrarotheizkoerber_1920x1920.jpg
www.hartmannspa.de/thumbnail/b9/7a/0e/1668433848/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/b9/7a/0e/1668433848/infrarotheizkoerber_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
694e871087b89348ba8c1730e69901bc2795073b1188d6ffbb4bd43d43058cc8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Mon, 14 Nov 2022 13:50:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"637247b8-8aae"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
35502
Solarenergie_1920x1920.jpg
www.hartmannspa.de/thumbnail/9f/59/3c/1675850318/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/9f/59/3c/1675850318/Solarenergie_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2c0f27dfa8252dc981a148722d79e079534c7db783d30042c9c0ef4a9ab6cf3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Wed, 08 Feb 2023 09:58:38 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63e3724e-20851"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
133201
Wasserpflege%20Produkte_1920x1920.jpg
www.hartmannspa.de/thumbnail/84/f2/c9/1675855532/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/84/f2/c9/1675855532/Wasserpflege%20Produkte_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1e81841963e9660e960a2370bfa0acd49f47be265ab3c2d0888e2f4b53878c8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Wed, 08 Feb 2023 11:25:40 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63e386b4-f4bc"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
62652
Outdoor%20Gartenm%C3%B6bel_1920x1920.jpg
www.hartmannspa.de/thumbnail/57/a3/0c/1675855571/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/57/a3/0c/1675855571/Outdoor%20Gartenm%C3%B6bel_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4d1e3e19476d95372cdffb66c2d5857eed730888c66cc809b960216355d1acce

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Wed, 08 Feb 2023 11:26:11 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63e386d3-290ac"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
168108
mspa-model-floating-lamp-b0302951jpg_1920x1920.jpg
www.hartmannspa.de/thumbnail/08/c3/4f/1640177120/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/08/c3/4f/1640177120/mspa-model-floating-lamp-b0302951jpg_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6f8db6af35c801af91705b3d2ccb2a46363a2b89e02ac12ec5b6df22bec549d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Wed, 22 Dec 2021 12:45:21 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61c31de1-1e441"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
123969
kategorieInfrarotkabine_1920x1920.jpg
www.hartmannspa.de/thumbnail/f0/44/76/1640333535/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/f0/44/76/1640333535/kategorieInfrarotkabine_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d0bbf0d84ea220a6379abbdb17aa2ca71086b71a9281d83d87380057c28ab3af

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Fri, 24 Dec 2021 08:12:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61c580df-a90e"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
43278
kategorieKajak_1920x1920.jpg
www.hartmannspa.de/thumbnail/9d/5f/42/1640340228/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/9d/5f/42/1640340228/kategorieKajak_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a7979a20b6057e69264f61a77680f4c6a44ca7e24071ab838de0b4d6181ccfc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Fri, 24 Dec 2021 10:03:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61c59b04-8767"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
34663
kategorieMassageSessel_1920x1920.jpg
www.hartmannspa.de/thumbnail/67/14/b6/1640340228/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/67/14/b6/1640340228/kategorieMassageSessel_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dc3366e7c9dcb85631d1b91b3cc138c8868bd6220c359a1b90026596ec426477

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Fri, 24 Dec 2021 10:03:48 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61c59b04-7b30"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
31536
HomeTeaser_1920x1920.jpg
www.hartmannspa.de/thumbnail/60/c0/b8/1641823741/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/60/c0/b8/1641823741/HomeTeaser_1920x1920.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
293677b7151057adbf536f7f5d480f3bf730d831aa9fd35a1150589646cb2dc3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Mon, 10 Jan 2022 14:09:18 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61dc3e0e-1f742"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
128834
mspa-model-oslo-7_400x400.jpg
www.hartmannspa.de/thumbnail/21/e2/d8/1677141228/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/21/e2/d8/1677141228/mspa-model-oslo-7_400x400.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
51520165ab686d8697b59c625cf2175964073eddf59bdcb5330e98d4e51660a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Thu, 23 Feb 2023 08:33:49 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63f724ed-8018"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
32792
mspa-model-meteor-8_400x400.jpg
www.hartmannspa.de/thumbnail/c7/b7/c1/1672913797/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/thumbnail/c7/b7/c1/1672913797/mspa-model-meteor-8_400x400.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a0b9b53a53e43f5ed24334f42007f309d54abbfcc680169ba11372df43fbc57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Thu, 05 Jan 2023 10:17:04 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63b6a3a0-5c1b"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
23579
CAMAROmitLED.jpg
www.hartmannspa.de/media/41/81/e5/1679650150/ 		834 KB
834 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/media/41/81/e5/1679650150/CAMAROmitLED.jpg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f83c840db8c77fdef6132fcbe8cfe8179b9b0c2c830400b7e961fb9ffeea7a25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Fri, 24 Mar 2023 09:28:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"641d6d5b-d07db"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
853979
klarna.png
x.klarnacdn.net/payment-method/assets/badges/generic/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.klarnacdn.net/payment-method/assets/badges/generic/klarna.png
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:5400:1e:5ae:1e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4db52e15e82bfccbe1375bcde5ddc7b77fc7176a8589f8a6588be890b0c82fc2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
OaiuAXGz49amdmwtaZVfZ6ARmGLNnOHF
date
Wed, 14 Feb 2024 06:04:08 GMT
via
1.1 46a179b8ac401f1f1def1c8690577c3e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
44045
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3069
last-modified
Tue, 18 Oct 2022 11:44:39 GMT
server
AmazonS3
etag
"c00ee1d24d8ef81e8b2d1b7acc95d94b"
vary
Accept-Encoding
content-type
image/png
cache-control
public,max-age=604800
accept-ranges
bytes
x-amz-cf-id
ZNhqFi-sKh6w0iq-Cv_nO6cC2Apn9n5wgarERMtCWyZ2FNXGKpOwnQ==
paypal-icon.svg
www.hartmannspa.de/media/fb/79/bd/1639406307/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/media/fb/79/bd/1639406307/paypal-icon.svg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a9a4b9a9d9ed458353ea4b3b28feec003bc9920be59dfb9c73f71ef4f8eab987

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Mon, 13 Dec 2021 14:38:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b75ae3-88d"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
2189
creditcard-icon.svg
www.hartmannspa.de/media/8a/8d/c4/1639406306/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/media/8a/8d/c4/1639406306/creditcard-icon.svg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7f4d40304501d047f81350a9bd37f5b9d5d6aad0efc97b633a132bb164eb2393

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Mon, 13 Dec 2021 14:38:26 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b75ae2-105f"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
4191
applepay-icon.svg
www.hartmannspa.de/media/ce/27/48/1639406306/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hartmannspa.de/media/ce/27/48/1639406306/applepay-icon.svg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
505ddbc5d0a98c14413bb2effd196195e39b88c028798d2a8e1ec7b6b7052020

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Mon, 13 Dec 2021 14:38:26 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b75ae2-cbf"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
3263
paypal.svg
cdn.biloba-it.de/shopware/assets/svgs/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.biloba-it.de/shopware/assets/svgs/paypal.svg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.101.75 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
php-56-1.bilobahost.de
Software
nginx /
Resource Hash
0bd6bde3574b9cab2ffcce6fa7d4f67b0b4b2cd415b3ff7a6e0fd1ba8225fc63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 18:17:59 GMT
content-encoding
gzip
last-modified
Mon, 24 May 2021 19:43:57 GMT
server
nginx
etag
W/"60ac01fd-12b9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Fri, 15 Mar 2024 18:17:59 GMT
klarna.svg
cdn.biloba-it.de/shopware/assets/svgs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.biloba-it.de/shopware/assets/svgs/klarna.svg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.101.75 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
php-56-1.bilobahost.de
Software
nginx /
Resource Hash
b76b632847297199c4302fd8908c2215d59f92bb7e30d78b9159c82e134d4110

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 18:17:59 GMT
content-encoding
gzip
last-modified
Mon, 24 May 2021 19:43:57 GMT
server
nginx
etag
W/"60ac01fd-954"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Fri, 15 Mar 2024 18:17:59 GMT
mastercard.svg
cdn.biloba-it.de/shopware/assets/svgs/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.biloba-it.de/shopware/assets/svgs/mastercard.svg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.101.75 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
php-56-1.bilobahost.de
Software
nginx /
Resource Hash
63cc6a3295bbc89e8ed87672e74d0ee4673eedcce4c193d5f5d050bc75f44f8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 18:17:59 GMT
content-encoding
gzip
last-modified
Mon, 24 May 2021 19:43:57 GMT
server
nginx
etag
W/"60ac01fd-3386"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Fri, 15 Mar 2024 18:17:59 GMT
visa.svg
cdn.biloba-it.de/shopware/assets/svgs/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.biloba-it.de/shopware/assets/svgs/visa.svg
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.101.75 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
php-56-1.bilobahost.de
Software
nginx /
Resource Hash
6ff062f9eb62b2766ab4b3946444abe4982620ecc56581c4a92c92c6f8120456

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 18:17:59 GMT
content-encoding
gzip
last-modified
Mon, 24 May 2021 19:43:57 GMT
server
nginx
etag
W/"60ac01fd-ad0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
expires
Fri, 15 Mar 2024 18:17:59 GMT
all.js
www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/js/ 		841 KB
841 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/js/all.js?1647256006860903
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c90e793d1edc13f209ce9bee5572f86d022a01e0cbb1204c1a3731ac8b84f750

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:59 GMT
Last-Modified
Mon, 14 Mar 2022 11:06:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"622f21c6-d22e7"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
860903
roboto-v29-latin-regular.woff2
www.hartmannspa.de/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/fonts/roboto-v29-latin-regular.woff2
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Origin
https://www.hartmannspa.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:58 GMT
Last-Modified
Mon, 13 Dec 2021 15:50:51 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b76bdb-3d48"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
15688
roboto-v29-latin-700.woff2
www.hartmannspa.de/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/fonts/roboto-v29-latin-700.woff2
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer
https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Origin
https://www.hartmannspa.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:58 GMT
Last-Modified
Mon, 13 Dec 2021 15:50:52 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b76bdc-3dd4"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
15828
fa-solid-900.woff2
www.hartmannspa.de/fonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/fonts/fa-solid-900.woff2
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Origin
https://www.hartmannspa.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:58 GMT
Last-Modified
Thu, 16 Dec 2021 15:43:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61bb5ead-139ac"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
80300
roboto-condensed-v19-latin-700.woff2
www.hartmannspa.de/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/fonts/roboto-condensed-v19-latin-700.woff2
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Request headers

Referer
https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/css/all.css?1647256006464768
Origin
https://www.hartmannspa.de
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 14 Feb 2024 18:17:58 GMT
Last-Modified
Mon, 13 Dec 2021 15:10:08 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61b76250-3d18"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, PATCH
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
15640
info
www.hartmannspa.de/widgets/checkout/ 		1009 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hartmannspa.de/widgets/checkout/info
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/js/all.js?1647256006860903
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.61.195.196 Nuremberg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
mail.regen-chemnitz.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
968e6abc4ee00945a05ffb91e233c516c489961ee7543c8c912c61f6ded4aa07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://www.hartmannspa.de/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/json

Response headers

Date
Wed, 14 Feb 2024 18:18:00 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Frame-Options
deny
Content-Type
text/html; charset=UTF-8
Cache-Control
private
Connection
keep-alive
x-robots-tag
noindex
js
www.paypal.com/sdk/ 		411 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/theme/66587accf9f428e8847d547ca2de29fa/js/all.js?1647256006860903
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95031be71afc2bb19d11828d2f8694eeafee3652febfaaa0d4f3b1b7151797a2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Wed, 14 Feb 2024 18:18:01 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
p3p
true
paypal-debug-id
f531072e56903
server-timing
"traceparent;desc="00-0000000000000000000f531072e56903-8d5b96387eb029f3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
114843
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000030-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f531072e56903-f38c70387f3fdd47-01
x-timer
S1707934681.609085,VS0,VE543
etag
W/"1c09b-+ZbFn7kZEBcwjSEc/KXSFRSHrKg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
local
www.paypal.com/credit-presentment/experiments/ Frame ED96 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_juirfoioejrjnoaiskmmkldkgkqxxe&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&version=1.55.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57e3d269ab41a3615850c627bcf8f772c64b0cc200ce10f15dcb83a4b28674b1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hartmannspa.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
84718
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1525
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 14 Feb 2024 18:18:01 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-fo10vpzJmh27jAUnF/VTP07xwcY"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f594215ba01d5
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f594215ba01d5-64b990ff8cb3f3c2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f594215ba01d5-db85d0353525408b-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
333, 19645, 0
x-served-by
cache-iad-kcgs7200113-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
x-timer
S1707934681.387673,VS0,VE6
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.hartmannspa.de&t=xo&v=5.0.422&source=payments_sdk&client_id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&comp=marks,buttons,messages&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PB9btpgYTvvfH4WzVDYsJQFSzIRq+H10bbIdiWJtNvwEYVr4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-PB9btpgYTvvfH4WzVDYsJQFSzIRq+H10bbIdiWJtNvwEYVr4' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Feb 2024 18:18:01 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f5310727eb3b6
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4338
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200166-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5310727eb3b6-4bff082835a8dd9e-01
x-timer
S1707934681.362828,VS0,VE213
etag
W/"2f8b-lWMMAqH5NWBufCerdpb7DcGAARo"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
js
www.paypal.com/sdk/ Frame ED96 		411 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_juirfoioejrjnoaiskmmkldkgkqxxe&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&version=1.55.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95031be71afc2bb19d11828d2f8694eeafee3652febfaaa0d4f3b1b7151797a2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_juirfoioejrjnoaiskmmkldkgkqxxe&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&version=1.55.0&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Wed, 14 Feb 2024 18:18:01 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, HIT, MISS
p3p
true
paypal-debug-id
f531072e56903
server-timing
"traceparent;desc="00-0000000000000000000f531072e56903-8d5b96387eb029f3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
114843
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000030-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f531072e56903-f38c70387f3fdd47-01
x-timer
S1707934681.463657,VS0,VE5
etag
W/"1c09b-+ZbFn7kZEBcwjSEc/KXSFRSHrKg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 1, 0
hash
www.paypal.com/credit-presentment/experiments/ Frame ED96 		40 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_a98f4ac71b_mtg6mtg6mde&disableSetCookie=true&features=disable-set-cookie
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_juirfoioejrjnoaiskmmkldkgkqxxe&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&version=1.55.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_juirfoioejrjnoaiskmmkldkgkqxxe&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&version=1.55.0&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Wed, 14 Feb 2024 18:18:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS, MISS, MISS
paypal-debug-id
f161812ade6ca
server-timing
"traceparent;desc="00-0000000000000000000f161812ade6ca-c02f81b8b816ae28-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
56
x-xss-protection
1; mode=block
x-served-by
cache-iad-kcgs7200059-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f161812ade6ca-464c4c41e35edbf4-01
x-timer
S1707934682.647669,VS0,VE134
etag
W/"28-xz7oeWVj/8B52QKKulWR9ZDQlKU"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
ts
t.paypal.com/ 		42 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=HartmannSpa%20%7C%20The%20World%20of%20Wellness%20%7C%20Whirlpools%20%26%20Saunen&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1707934681654&g=600&completeurl=https%3A%2F%2Fwww.hartmannspa.de%2F&ru=https%3A%2F%2Fwww.hartmannspa.de%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D&disableSetCookie=true
Requested by
Host: www.hartmannspa.de
URL: https://www.hartmannspa.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (dcd/7D6C) /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hartmannspa.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Feb 2024 18:18:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
correlation-id
5c11628541b59
server
ECAcc (dcd/7D6C)
traceparent
00-00000000000000000005c11628541b59-ab73d25d4a8f1d1e-01
vary
Accept-Encoding
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
5c11628541b59
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin
*
expires
Wed, 14 Feb 2024 18:18:02 GMT
logger
www.paypal.com/xoplatform/logger/api/ Frame ED96 		0
0
message
www.paypal.com/credit-presentment/smart/ Frame 134C 		58 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&channel=UPSTREAM&style=%7B%22layout%22%3A%22text%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%228x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&version=1.55.0&integrationType=SDK&deviceID=uid_a98f4ac71b_mtg6mtg6mde&sessionID=uid_93b6dacd6f_mtg6mtg6mde&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&message_request_id=uid_982dc4216f_mtg6mtg6mde&disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
444c4044bcfa95754e9bb7abc84d4eb5403340313321ccb6622a86cd340b824d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-k268HCSRGGlch2JT9A18A+BRKhmvQ6F8FKaNWiHURfY=' 'sha256-6xeS5u+7xo2CbcWsaRVS6O6l2sk8aIPkvM3GqjFii6k=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hartmannspa.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
15884
cache-control
s-maxage=21600, max-age=0
content-encoding
gzip
content-length
19922
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-k268HCSRGGlch2JT9A18A+BRKhmvQ6F8FKaNWiHURfY=' 'sha256-6xeS5u+7xo2CbcWsaRVS6O6l2sk8aIPkvM3GqjFii6k=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Wed, 14 Feb 2024 18:18:02 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-message, up-country-DE, up-profile-4492e7e294d509895b47b7161589271361b51d15, up-offer-GENERIC
etag
W/"e9d1-16LFooiD3KKsrIYTJyMZwlmdLwk"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f55310106e92b
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f55310106e92b-913920d53b3b4514-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f55310106e92b-960fdc80ee6f0716-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
51, 1, 0
x-served-by
cache-iad-kiad7000174-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
x-timer
S1707934682.095950,VS0,VE9
x-xss-protection
1; mode=block
smart-credit-message@1.55.0.js
www.paypalobjects.com/upstream/bizcomponents/js/versioned/ Frame 134C 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/upstream/bizcomponents/js/versioned/smart-credit-message@1.55.0.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&channel=UPSTREAM&style=%7B%22layout%22%3A%22text%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%228x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&version=1.55.0&integrationType=SDK&deviceID=uid_a98f4ac71b_mtg6mtg6mde&sessionID=uid_93b6dacd6f_mtg6mtg6mde&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&message_request_id=uid_982dc4216f_mtg6mtg6mde&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.210.155 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (phd/FD21) /
Resource Hash
357d1b59abacb0d553a78b061c7a35d78f1d3bcf19349764b9ca8d4dfd862236
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 18:18:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
5f095d579ff4f
dc
ccg11-origin-www-1.paypal.com
content-length
30166
last-modified
Wed, 31 Jan 2024 15:00:58 GMT
server
ECAcc (phd/FD21)
traceparent
00-00000000000000000005f095d579ff4f-e36248e664f94b19-01
etag
"65ba60aa-16d23+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 14 Feb 2024 19:18:02 GMT
js
www.paypal.com/sdk/ Frame 134C 		411 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&channel=UPSTREAM&style=%7B%22layout%22%3A%22text%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%228x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&version=1.55.0&integrationType=SDK&deviceID=uid_a98f4ac71b_mtg6mtg6mde&sessionID=uid_93b6dacd6f_mtg6mtg6mde&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&message_request_id=uid_982dc4216f_mtg6mtg6mde&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95031be71afc2bb19d11828d2f8694eeafee3652febfaaa0d4f3b1b7151797a2
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&channel=UPSTREAM&style=%7B%22layout%22%3A%22text%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%228x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&version=1.55.0&integrationType=SDK&deviceID=uid_a98f4ac71b_mtg6mtg6mde&sessionID=uid_93b6dacd6f_mtg6mtg6mde&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&message_request_id=uid_982dc4216f_mtg6mtg6mde&disableSetCookie=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-8QgQMnvAid+pvddhB244d14n9fM0yfwrnyP4+iokAbGWOr7r' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Wed, 14 Feb 2024 18:18:02 GMT
age
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, HIT, MISS
p3p
true
paypal-debug-id
f531072e56903
server-timing
"traceparent;desc="00-0000000000000000000f531072e56903-8d5b96387eb029f3-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
114843
x-xss-protection
1; mode=block
x-served-by
cache-iad-kiad7000030-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f531072e56903-f38c70387f3fdd47-01
x-timer
S1707934682.189054,VS0,VE4
etag
W/"1c09b-+ZbFn7kZEBcwjSEc/KXSFRSHrKg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 2, 0
truncated
/ Frame 134C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 134C 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
logger
www.paypal.com/xoplatform/logger/api/ Frame 134C 		1017 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e42e7eeda7eab2faa636d18ef1cb14d7a8f4651a9437dada516c94cac42e63f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.paypal.com/credit-presentment/smart/message?currency=EUR&amount=0&channel=UPSTREAM&style=%7B%22layout%22%3A%22text%22%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%228x1%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%7D&client_id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&merchant_config=4492e7e294d509895b47b7161589271361b51d15&treatments=72db46b3a52fb45b03f5b14d36f3b7832bf436d2&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPW1hcmtzLGJ1dHRvbnMsbWVzc2FnZXMmY2xpZW50LWlkPUFmcGpodDVLNnZTNld2UkVQNFBZLUludEpJU0dDWG02Q0I3ZVZodEdBSUdGQnlUTURaTlhrMUxTUURkVF9fV3ZOZ0dfQk5RRlRzQTkyTGVnJmNvbW1pdD1mYWxzZSZjdXJyZW5jeT1FVVIiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9qdWlyZm9pb2Vqcmpub2Fpc2ttbWtsZGtna3F4eGUifX0&env=production&version=1.55.0&integrationType=SDK&deviceID=uid_a98f4ac71b_mtg6mtg6mde&sessionID=uid_93b6dacd6f_mtg6mtg6mde&scriptUID=uid_juirfoioejrjnoaiskmmkldkgkqxxe&message_request_id=uid_982dc4216f_mtg6mtg6mde&disableSetCookie=true
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

date
Wed, 14 Feb 2024 18:18:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f161812b1d18f
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kjyo7100062-IAD, cache-ewr18158-EWR, cache-ewr18158-EWR
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f161812b1d18f-b3f557a822cd76cd-01
x-timer
S1707934682.410924,VS0,VE103
etag
W/"3f9-btcgkA1WcWYV/v2PzeeU1XaURJ0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hartmannspa.de
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.hartmannspa.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Wed, 14 Feb 2024 18:18:02 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f8607313c52fa
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f8607313c52fa-23f138a618c5a0fd-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-iad-kjyo7100115-IAD, cache-ewr18125-EWR, cache-ewr18125-EWR
x-timer
S1707934683.543319,VS0,VE150
logger
www.paypal.com/xoplatform/logger/api/ 		1004 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=marks,buttons,messages&client-id=Afpjht5K6vS6WvREP4PY-IntJISGCXm6CB7eVhtGAIGFByTMDZNXk1LSQDdT__WvNgG_BNQFTsA92Leg&commit=false&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8507d88992c218d808acba3c226473e408e5443390ea87235cedfc845b28bfa2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://www.hartmannspa.de/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

date
Wed, 14 Feb 2024 18:18:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f8607319ea58d
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-iad-kcgs7200117-IAD, cache-ewr18125-EWR, cache-ewr18125-EWR
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f8607319ea58d-5f708bddbb0652b3-01
x-timer
S1707934683.751233,VS0,VE109
etag
W/"3ec-JhvmG3a7ZuRfEA16ih/pqSojaHs"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hartmannspa.de
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| features boolean| gtagActive string| gtagURL string| activeNavigationId object| router string| storeApiProxyToken string| salesChannelId object| breakpoints object| csrf object| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime object| picturefillCFG function| picturefill function| $ function| jQuery function| PluginConfigManager function| PluginManager function| PluginBaseClass function| Hammer function| flatpickr object| eventEmitter function| storeApiClient function| Feature object| __post_robot_11_0_0___uid_juirfoioejrjnoaiskmmkldkgkqxxe object| __zoid_10_3_3___uid_juirfoioejrjnoaiskmmkldkgkqxxe object| paypalDDL

6 Cookies

Domain/Path Name / Value
www.hartmannspa.de/ Name: session-
Value: rb1lgl1p9ptje59psflo053oj5
www.hartmannspa.de/ Name: csrf[frontend.mollie.apple-pay.authorize]
Value: 38643b5c76611b38610d9a919a91.m4XGZsbKRlsFIIfWX5zEE6K-wDdE4A59MVXH6JxoDnk.rN-rHoKSLjF9GdKGBs6VZdLR8GYH2UofYW2OgdsPRBD1wP8Jgb8MHTJwvw
www.hartmannspa.de/ Name: csrf[frontend.mollie.apple-pay.shipping-methods]
Value: 61adf88c4c656ada48cda.tD2zcUBa0UvQnoaRz7L1lgJn6hm5K7SJeiPMcGqSq_0.2VHGQCEvgBv9zsLGvOWS4DoNnSHPZf3BL2_1AF74w7b8cYFAcyqJHeWo9Q
www.hartmannspa.de/ Name: csrf[frontend.checkout.line-item.add]
Value: d409d47e073956414736d214d5.mUkwxEX1kKET-sJZ6Ktqz5PV6-F_YxceqkZyiSWgGes.9y94ihSS4vNajoYDv-ECkP-MmbEGNV5S_RwQpF2TRoP8GAevLY_Rw2GjpQ
www.hartmannspa.de/ Name: csrf[frontend.store-api.proxy]
Value: 41f943.RYAuGszkdU8mF3v9fjWak5o1bzUM601phiBdD47CL4o.L-1IKaGNIQVrbkmYO2Xq_vB2W2FT2gM83mskYN64QMwD-W0ooIA5N2B4Ig
www.hartmannspa.de/ Name: timezone
Value: Pacific/Honolulu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.biloba-it.de
hartmannspa.de
t.paypal.com
www.hartmannspa.de
www.paypal.com
www.paypalobjects.com
x.klarnacdn.net
www.paypal.com
151.101.1.21
159.69.101.75
192.229.210.155
202.61.195.196
2600:9000:26fa:5400:1e:5ae:1e00:93a1
0bd6bde3574b9cab2ffcce6fa7d4f67b0b4b2cd415b3ff7a6e0fd1ba8225fc63
0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1d51b3ddb1143db078f35bddb593dd3d9d6055e33080420423bd1984b9764d56
1e81841963e9660e960a2370bfa0acd49f47be265ab3c2d0888e2f4b53878c8f
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
293677b7151057adbf536f7f5d480f3bf730d831aa9fd35a1150589646cb2dc3
2a0b9b53a53e43f5ed24334f42007f309d54abbfcc680169ba11372df43fbc57
2c0f27dfa8252dc981a148722d79e079534c7db783d30042c9c0ef4a9ab6cf3a
2c4df7775d2d03978341fd9b0710a58f8f49eafef56559c03f2ef89804e8b697
2e42e7eeda7eab2faa636d18ef1cb14d7a8f4651a9437dada516c94cac42e63f
357d1b59abacb0d553a78b061c7a35d78f1d3bcf19349764b9ca8d4dfd862236
444c4044bcfa95754e9bb7abc84d4eb5403340313321ccb6622a86cd340b824d
4d1e3e19476d95372cdffb66c2d5857eed730888c66cc809b960216355d1acce
4db52e15e82bfccbe1375bcde5ddc7b77fc7176a8589f8a6588be890b0c82fc2
505ddbc5d0a98c14413bb2effd196195e39b88c028798d2a8e1ec7b6b7052020
51520165ab686d8697b59c625cf2175964073eddf59bdcb5330e98d4e51660a0
57e3d269ab41a3615850c627bcf8f772c64b0cc200ce10f15dcb83a4b28674b1
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
638814dfb779a99e7ead6654954b07bced50aa42c05bcf4bcfe29985d36b1064
63cc6a3295bbc89e8ed87672e74d0ee4673eedcce4c193d5f5d050bc75f44f8b
694e871087b89348ba8c1730e69901bc2795073b1188d6ffbb4bd43d43058cc8
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f8db6af35c801af91705b3d2ccb2a46363a2b89e02ac12ec5b6df22bec549d9
6ff062f9eb62b2766ab4b3946444abe4982620ecc56581c4a92c92c6f8120456
7b43cb1814ca80746730f4207edcd1175bb5e95baf32398cfa5c891cb06713d7
7f4d40304501d047f81350a9bd37f5b9d5d6aad0efc97b633a132bb164eb2393
8507d88992c218d808acba3c226473e408e5443390ea87235cedfc845b28bfa2
95031be71afc2bb19d11828d2f8694eeafee3652febfaaa0d4f3b1b7151797a2
968e6abc4ee00945a05ffb91e233c516c489961ee7543c8c912c61f6ded4aa07
9f15645fa359f1a0decb522902b05eba35b3c899a8f3f65f07c0b5b79ff5a26e
a7979a20b6057e69264f61a77680f4c6a44ca7e24071ab838de0b4d6181ccfc5
a9a4b9a9d9ed458353ea4b3b28feec003bc9920be59dfb9c73f71ef4f8eab987
b76b632847297199c4302fd8908c2215d59f92bb7e30d78b9159c82e134d4110
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
c90e793d1edc13f209ce9bee5572f86d022a01e0cbb1204c1a3731ac8b84f750
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0bbf0d84ea220a6379abbdb17aa2ca71086b71a9281d83d87380057c28ab3af
d5c85a10f27ad850104976df5bbfd409f8c36f7d643f8eb4835aa488d3669367
dc3366e7c9dcb85631d1b91b3cc138c8868bd6220c359a1b90026596ec426477
ef2f89c664962bd1b9a187ec58671315ff0cc71af3d6f55930f5b6ace92766e3
f10448fd4040ffbbe7ffc433c7c7df119fda03985167ae1eaf6bb8502adf2cc0
f83c840db8c77fdef6132fcbe8cfe8179b9b0c2c830400b7e961fb9ffeea7a25